Lucene search

K
redhatcveRedhat.comRH:CVE-2023-40577
HistoryAug 29, 2023 - 3:21 p.m.

CVE-2023-40577

2023-08-2915:21:59
redhat.com
access.redhat.com
8
prometheus alertmanager
cve-2023-40577
cross-site scripting
cookie theft
web server
reverse proxy
validation
user input
remote attacker
web browser

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

14.0%

Prometheus Alertmanager is vulnerable to cross-site scripting due to improper validation of user-supplied input by the /api/v1/alerts endpoint. This issue could allow a remote attacker to inject malicious script into a web page, which would be executed in a victim’s web browser within the hosting website once the page is viewed, allow the attacker to steal the victim’s cookie-based authentication credentials.

Mitigation

Users can setup a reverse proxy in front of the Alertmanager web server to forbid access to the /api/v1/alerts endpoint.

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

0.0004 Low

EPSS

Percentile

14.0%